Spring Security
  1. Spring Security
  2. SEC-1404

Expression not expanded in intercept-url pattern

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 3.0.2
    • Component/s: None
    • Labels:
      None

      Description

      Expression is not expanded in intercept-url pattern.

      Here is my configuration :

      	<security:http>
      		<security:form-login login-page="${security.admin.loginPageUrl}" login-processing-url="${security.admin.loginProcessingUrl}" default-target-url="${security.admin.loginTargetUrl}" always-use-default-target="true" />
      		<security:intercept-url pattern="${security.admin.loginPageUrl}" filters="none" />
      		<security:intercept-url pattern="/restricted/**" access="ROLE_ADMIN" />
      		<security:intercept-url pattern="/**" access="ROLE_USER" />
      	</security:http>
      

      and the error I get :

      org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'org.springframework.security.filterChainProxy' defined in null: Could not resolve placeholder 'security.admin.loginpageurl'
      

      The same expression works well in form-login#login-page attribute, but not in intercept-url#pattern attribute.

        Activity

        Hide
        Johann Vanackere added a comment -

        Sorry for the formatting, my corporate issue tracker uses

        
        

        for code samples.

        By the way, I have the same issue using Spring Security 3.0.1

        Show
        Johann Vanackere added a comment - Sorry for the formatting, my corporate issue tracker uses for code samples. By the way, I have the same issue using Spring Security 3.0.1
        Hide
        Luke Taylor added a comment -

        We already have unit tests in place which check that placeholders work in intercept-url element patterns. Then only thing I could see that was different in your code is that you are using filters="none". Hoever, I've modified the test to also do this and it still passes.

        Could you check you are definitely using an up-to-date versions and if possible check with a nightly snapshot.

        Show
        Luke Taylor added a comment - We already have unit tests in place which check that placeholders work in intercept-url element patterns. Then only thing I could see that was different in your code is that you are using filters="none". Hoever, I've modified the test to also do this and it still passes. Could you check you are definitely using an up-to-date versions and if possible check with a nightly snapshot.
        Hide
        Johann Vanackere added a comment -

        If I replace :

        <security:intercept-url pattern="$

        {security.admin.loginPageUrl}

        " filters="none" />

        with :

        <security:intercept-url pattern="/restricted/login.html" filters="none" />

        everything works fine.

        I'm using the lastest release version (3.0.1), I will check with nightly as soon as possible.

        Show
        Johann Vanackere added a comment - If I replace : <security:intercept-url pattern="$ {security.admin.loginPageUrl} " filters="none" /> with : <security:intercept-url pattern="/restricted/login.html" filters="none" /> everything works fine. I'm using the lastest release version (3.0.1), I will check with nightly as soon as possible.
        Hide
        Luke Taylor added a comment - - edited

        Ah, hang on. It looks like it may be a case sensitivity issue. I will investigate. In the meantime, switching your property names to lower case will probably solve the issue. It is also only a problem with filters="none".

        Show
        Luke Taylor added a comment - - edited Ah, hang on. It looks like it may be a case sensitivity issue. I will investigate. In the meantime, switching your property names to lower case will probably solve the issue. It is also only a problem with filters="none".
        Hide
        Luke Taylor added a comment -

        Should now be fixed in trunk.

        Show
        Luke Taylor added a comment - Should now be fixed in trunk.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Johann Vanackere
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: